package com.web.common.controller;


import javax.annotation.Resource;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.web.common.po.User;
import com.web.common.service.IUserService;
import com.web.common.utils.MD5;

@Controller  
@RequestMapping("/auth")  
public class AuthController extends BaseController{
	
	public static final String CAPTCHA_KEY = "captcha_key_name";
	public static final String COOKIE_EMAIL   = "COOKIE_EMAIL";
	public static final String COOKIE_PWD     = "COOKIE_PWD";
	public static final String AUTH_NOTICE    = "AUTH_NOTICE";
	public static final String USER_INFO      = "USER_INFO";
	
	
	
	@Resource
	private IUserService userService;
	
	@RequestMapping(value="/login",method=RequestMethod.GET)
	public String login(HttpServletResponse response,HttpServletRequest request,Model model){
		 
		 String captcha  = (String)request.getSession().getAttribute(CAPTCHA_KEY);
		 String email    = request.getParameter("email");
		 String pwd      = request.getParameter("pwd");
		 String timestamp= request.getParameter("timestamp");
		 String cha      = request.getParameter("cha");
		 String isremmber= request.getParameter("isremmber");
		 
		 String appPath  = request.getContextPath();
		 
		 User user = userService.getUserById(email);
		 
		 //超时检查
		 if(System.currentTimeMillis() - Long.parseLong(timestamp) < 0 || System.currentTimeMillis() - Long.parseLong(timestamp) > 1000*60*5  ){
			 request.getSession().setAttribute(AUTH_NOTICE, "超时，请重新登录！");
			 return "/login/loginPage"; 
		 }
		 
		 //验证码
		 if(cha==null|| !cha.equalsIgnoreCase(captcha)){
			 request.getSession().setAttribute(AUTH_NOTICE, "验证码错误！");
			 return "/login/loginPage";
		 }
		 
		 //用户不存在
		 if(null == user ){
			 request.getSession().setAttribute(AUTH_NOTICE, "用户不存在！");
			 return "/login/loginPage";
		 }
		 
		 //密码验证
		 String signedPwd = MD5.getMD5ofString(user.getUserPdw().toLowerCase()+timestamp);
		 if(!signedPwd.equalsIgnoreCase(pwd)){
			 request.getSession().setAttribute(AUTH_NOTICE, "用户名或密码错误！");
			 return "/login/loginPage";
		 }
		 
		 
		 //记住用户名
		 if(isremmber!=null && isremmber.equals("yes")){
			 //设置Cookie
			 Cookie emailCookie = new Cookie(COOKIE_EMAIL,email);
			 emailCookie.setPath(appPath+"/login");
			 emailCookie.setMaxAge(60*60*24*7);
			 response.addCookie(emailCookie);
		 }
		 else{
			 //清楚Cookie
			 Cookie emailCookie = new Cookie(COOKIE_EMAIL,email);
			 emailCookie.setPath(appPath+"/login");
			 emailCookie.setMaxAge(0);
			 response.addCookie(emailCookie);
			 //清除Session
			 request.getSession().removeAttribute(COOKIE_EMAIL);
		 }
		 
		 //将用户登录信息保存到Session中
		 request.getSession().setAttribute(USER_INFO, user);
		 
		 //清空提示
		 request.getSession().setAttribute(AUTH_NOTICE, "");
		 log.info(user.getUserName()+"....login");
		 return "redirect:/file/fileList";
	 }
	
	@RequestMapping(value="/loginOut",method=RequestMethod.GET)
	public String loginOut(HttpServletResponse response,HttpServletRequest request,Model model){
		request.getSession().removeAttribute(USER_INFO);
		return "/login/loginPage";
	}
	
}
